Comment by godelski 20 hours ago

10 replies

If your number is seized then the new account holder has no chat history. i.e. the vault is cleared out. In that situation you will also be kicked out, clearly telling you that your account has been hijacked.

You can also lock registration of your device.

What is your security concern here?

AnonC 17 hours ago

> You can also lock registration of your device

Registration lock expires in seven days or less. [1]

[1]: https://support.signal.org/hc/en-us/articles/360007059792-Si...

  • godelski 15 hours ago

    Please actually read

      > Registration Lock expires after 7 days *of inactivity*
    
    I don't know why you dropped "of inactivity" and changed it to "or less".

    If you use Signal once a week you're fine. Maybe it should be longer, but that's a different argument and there's no reason to be disingenuous about it.

    • Aissen 14 hours ago

      It does not matter if you lose control of the number, the new person will be able to register. The 7 days period is for you to get control of the number back or make sure all your contacts know about the issue.

    • bratwurst3000 9 hours ago

      Am I reading it wrong? But on my phone if I activate reglock again it says that if the PIN fails the account is blocked for seven days. I assume that after 7 days one still needs the PIN to register, or am I wrong?

      • godelski 2 hours ago

        You'll get the opportunity to change the PIN.

        There's a balance they want to strike. You can't assume phone numbers are unique to a person across time. So they need to be able to expire when someone stops using a number.

        But again, acting on the other side also gets a notification in the chat stating that the security number has changed. The new person doesn't have the Signal chat history. So if you're talking about sensitive things then it's a strong indication you should reverify their identity. Not practical for everyday users, but that's also not a typical threat scenario.

beeflet 19 hours ago

Impersonation, MITM attack

  • mandevil 19 hours ago

    If you have done the out-of-band safety number verification, then impersonation attempts will give you a warning that their safety number has changed. I know this because I got that error when my wife replaced her cell phone.

    I believe (though I haven't verified it myself) that even if you haven't verified the numbers using an out-of-band exchange mechanism, you will get a warning if the safety number as observed by their server changes. I believe they would need to know your Signal PIN to restore from backup, which means that even if you've set that it will give an alert, presuming basic security competence from the people you are conversing with.

    • AnonC 17 hours ago

      > If you have done the out-of-band safety number verification

      I personally have never seen anyone do this, even when they’re supposed to do it right from the very beginning. So practically this is of very little value to most of the user base.

    • vel0city 16 hours ago

      You get notifications if the safety number gets changed from a device change either way. But doing the in person validation helps ensure that particular safety number you received was actually their safety number and not a MitM on first contact.
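The trust-on-first-use behaviour described in the two comments above (a pinned safety number, a warning when it changes, and in-person verification to rule out a man-in-the-middle on first contact) can be modelled in a few lines. The following is an added illustration, not Signal's code or its actual safety-number algorithm: the fingerprint derivation, the contact names and the identity-key byte strings are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class PinnedContact:
    """What the store remembers about one contact."""
    fingerprint: str
    verified: bool = False  # True only after an out-of-band comparison


class SafetyNumberStore:
    """Trust-on-first-use store of per-contact identity-key fingerprints.

    Illustrative model only (not Signal's real algorithm). The point it shows:
    a first-contact pin cannot tell a genuine key from a MitM-substituted one;
    only an out-of-band check upgrades it, and any later key change is a
    visible canary that resets the verified status.
    """

    def __init__(self) -> None:
        self._pins: dict[str, PinnedContact] = {}

    @staticmethod
    def fingerprint(identity_key: bytes) -> str:
        # Hypothetical rendering: hash the public identity key and show the
        # first 30 decimal digits in groups of five, so two people can read
        # it aloud to each other in person.
        digest = hashlib.sha256(identity_key).hexdigest()
        digits = str(int(digest, 16))[:30]
        return " ".join(digits[i:i + 5] for i in range(0, 30, 5))

    def observe(self, contact: str, identity_key: bytes) -> str:
        """Record the key seen for a contact and classify the observation."""
        fp = self.fingerprint(identity_key)
        pinned = self._pins.get(contact)
        if pinned is None:
            # First contact: pinned on trust, unverifiable without an
            # out-of-band comparison of the fingerprint.
            self._pins[contact] = PinnedContact(fp)
            return "first_contact"
        if pinned.fingerprint == fp:
            return "verified_match" if pinned.verified else "match"
        # Key changed (new phone, restored account, or an attacker): warn,
        # re-pin the new key, and drop any earlier verification.
        was_verified = pinned.verified
        self._pins[contact] = PinnedContact(fp, verified=False)
        return "changed_verified" if was_verified else "changed"

    def mark_verified(self, contact: str, fingerprint_seen_in_person: str) -> bool:
        """Upgrade a pin to verified only if the in-person reading matches."""
        pinned = self._pins.get(contact)
        if pinned is None or pinned.fingerprint != fingerprint_seen_in_person:
            return False
        pinned.verified = True
        return True

    def is_verified(self, contact: str) -> bool:
        pinned = self._pins.get(contact)
        return bool(pinned and pinned.verified)


def demo() -> list[str]:
    """Walk through first contact, verification, and a key change."""
    store = SafetyNumberStore()
    key_v1 = b"constructed-identity-key-for-alice-v1"  # constructed sample
    key_v2 = b"constructed-identity-key-for-alice-v2"  # new phone or attacker
    events = [store.observe("alice", key_v1)]           # first_contact
    events.append(store.observe("alice", key_v1))       # match
    store.mark_verified("alice", store.fingerprint(key_v1))
    events.append(store.observe("alice", key_v1))       # verified_match
    events.append(store.observe("alice", key_v2))       # changed_verified
    events.append(store.observe("alice", key_v2))       # match (no longer verified)
    return events


if __name__ == "__main__":
    for e in demo():
        print(e)
```

The `changed_verified` event is the canary the thread refers to: the store cannot know whether the new key belongs to a replaced phone or to someone who took over the number, so it surfaces the change and requires a fresh out-of-band comparison before the contact is trusted again.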

  • godelski 18 hours ago

    > Impersonation

    Yes, but with a canary. Would you rather not have a canary? The other person also receives a warning that the verification number has changed. It's not like the existence of a phone number is what creates the ability to hijack an account. And again, you can do registration locking so that solves that problem.

    You can also do verification of your contacts. Best done in person where you can check the keys.

    > MITM attack

    I don't think that means what you think it means. Who is in the middle? This is E2EE.